Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

How bots impact major onsales [Webinar]

“Bots” first entered popular consciousness last year with the passing of the BOTS Act, and the proliferation of messaging bots. However, those of us in the ticketing industry have been dealing with bots for years.

Rami Essaid, CEO of Distil Networks, and Niels Sodemann, CEO of Queue-it present the evolution of good and bad bots, their impact on the ticketing ecosystem, current and pending legislation, and innovative onsale bot mitigation strategies.

Key Takeaways include:

·The impact of the BOTS Act and other legislation on your business
·How fraudsters, competitors and hackers leverage bots
·Four bad bot attack vectors every ticketing industry player must understand
·Determining the right bot mitigation strategy for premium onsales

9.
▪ Prohibits the circumvention of a security
measure used to enforce ticket purchasing
limits for an event with an attendance
capacity > 200 pers.
▪ Prohibits the sale of an event ticket
obtained through such a circumvention
violation if the seller participated in, had the
ability to control, or should have known
about it
BOTS Act key prohibitions

13.
▪ Must Have Protections
Prohibits the circumvention of a security
measure used to enforce ticket purchasing
limits for an event with an attendance capacity
> 200 pers.
Who does it impact? Primary Ticketing.
▪ Federal Trade Commission Audits:
Treats violations as unfair or deceptive acts
under the FTC Act. The bill provides authority to
the FTC and states to enforce against such
violations

14.
▪ Must Have Protections
Prohibits the circumvention of a security
measure used to enforce ticket purchasing
limits for an event with an attendance
capacity > 200 pers.
Who does it impact? Secondary Ticketing.
▪ FTC Audits
Treats violations as unfair or deceptive
acts under the FTC Act, provides authority
to the FTC and states to enforce against
such violations
Prohibits the sale of an event ticket
obtained through such a circumvention
violation if the seller participated in, had
the ability to control, or should have
known about it

15.
Can you enforce?
Who does this impact? Venues.
Can you comply? Can you cooperate?

16.
If you aren’t bypassing security measures on a website in order to get
tickets, you aren’t breaking the law.
▪ Doesn’t eliminate the ability to buy & resell tickets obtained legally
▪ Doesn’t address historical relationships between sellers and reseller
▪ Doesn’t make the 40% of tickets not on public sale magically reappear
What the BOTS Act does not address

18.
▪ Precise log in, processing thousands of
purchases faster than any human
▪ Fooling CAPTCHA, with huge database
of combinations + operating at
lightning speed
▪ Securing best seats & selling them at a
steep markup for resale to the public
How they did it
Source: U.S. Attorney Office, The Star Ledger

20.
Why you can’t sell out in 20 minutes
Ticket onsales timeline
It’s not possible to sell out in less
than 2x basket/cart timeout time
More info: https://queue-
it.com/presentation-can-you-sell-out-in-2-
minutes-no-learn-why/

21.
In other words, as a venue, organization or ticketing
software platform, it is still on you to defend against
this fraudulent activity during your major onsales

26.
Financial fraud
Targets are accounts at financial or
e-commerce services that store
users’ banking details. The attackers
perform unauthorized withdrawal
from bank accounts or fraudulent
transactions using the credit/debit
cards on file.
This includes virtual currency such
as bitcoin, in-game currency, and
rewards programs. This is all worth
real money.
Account Takeover Attacks: Why?
Spam
Spam can appear in any service
feature that accepts user-
generated content, including
discussion forums, direct
messages, and reviews/ratings,
degrading platform integrity
and brand reputation.
Phishing
Attackers can assume a
compromised user’s identity and
launch phishing attacks on
others in his/her social circle to
steal their credentials, personal
information, or sensitive data.

40.
StubHub Case Study
Skewed Conversion Tracking
“The number of conversions were
greatly deflated because of bad bot
traffic. Now that we’re filtering bad
bot traffic out, we’re able to see
what the real data is and make
decisions based on real visitors.”
Marty Boos
CIO, StubHub